CVE-2020-1992
published 2020-04-08CVE-2020-1992: A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the…
PriorityP358critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.37%
87.2th percentile
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 9.0 < 9.0.7 | 9.0.7 |
| palo_alto_networks | pan-os | >= 9.1 < 9.1.2 | 9.1.2 |
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | >= 9.0.0 < 9.0.7 | 9.0.7 |
| paloaltonetworks | pan-os | >= 9.1.0 < 9.1.2 | 9.1.2 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rpm3-9x65-q856: A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to cr
ghsa_unreviewed·2022-05-24
CVE-2020-1992 [HIGH] GHSA-rpm3-9x65-q856: A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to cr
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls.
Palo Alto
PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
vendor_paloalto·2020-04-08·CVSS 9.8
CVE-2020-1992 [CRITICAL] CWE-134 PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges.
This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured.
This issue requires WildFire services to be configured and enabled.
This issue does not affect PAN-OS 8.1 and earlier releases.
This issue does not affect any other PA Series firewalls.
Affected products: PAN-OS
Solution: This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-04-08
Published